Snapchat might soon be facing torches and pitchforks if it doesn’t take drastic steps to ensure its security and placate its users. As much as 4.6 million names and phone numbers have reportedly been scraped off the photo sharing service’s database using an exploit that was made public just last week.
Snapchat’s security woes can be described as ironic and tragic, considering that privacy and security are supposedly the things that make Snapchat different from competitors like Instagram. Snapchat is what is called an ephemeral service or app, meaning photos that are shared are almost immediately destroyed after the recipient as viewed them. Of course, this penchant for privacy does make Snapchat a very tempting target, but the company’s response to security issues is described by some as somewhat indifferent, if not hard-nosed.
Last week, Australian research firm Gibson Security published some security exploits in frustration after Snapchat has repeatedly ignored the firm’s notices, much less actually plug the security holes. Now the inevitable has happened. Someone has actually used the exploit to gather as much user information as he or she can and even publish parts of it on a website. More worryingly, it seems that the author is willing to disclose the full database under certain circumstances.
Gibson Security, of course, denies any direct knowledge or involvement, aside from publishing the exploits, something that the company is probably only too happy to blame on Snapchat. Snapchat claims that there are several safeguards in place to prevent such scenarios, but this incident proves otherwise, leaving Snapchat in dire need of damage control.